(12) INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(19) World Intellectual Property Organization 
International Bureau 

(43) International Publication Date 
4 January 2001 (04.01.2001) 




PCT 



111 



(10) International Publication Number 

WO 01/01628 Al 



(51) International Patent Classification 7 



(21) International Application Number: PCT/EPOO/05297 

(22) International Filing Date: 8 June 2000 (08.06.2000) 



(25) Filing Language: 

(26) Publication Language: 



H04L 9/32 (81) Designated States (national): AE, AG, AL, AM, AT, AT 
(utility model), AU, AZ, BA, BB, BG, BR, BY, CA, CH, 
CN, CR, CU, CZ, CZ (utility model), DE, DE (utility 
model), DK, DK (utility model), DM, DZ, EE, EE (utility 
model), ES, FI, FI (utility model), GB, GD, GE, GH, GM, 
HR, HU, ID, IL, IN, IS, JP, KE, KG, KP, KR, KZ, LC, LK, 
LR, LS, LT, LU, LV, MA, MD, MG, MK, MN, MW, MX, 
English N0> PLi R0 , RU, SD, SE, SG, SI, SK, SK (utility 

model), SL, TJ, TM, TR, TT, TZ, UA, UG, UZ, VN, YU, 
English ZA, ZW. 



(30) Priority Data: 
60/141,178 
09/415,542 



25 June 1999 (25.06. 1999) US 
8 October 1999 (08.10.1999) US 



(71) Applicant: TELEFONAKTIEBOLAGET LM ERICS- 
SON (publ) [SE/SE]; S-126 25 Stockholm (SE). 



(84) Designated States (regional): ARIPO patent (GH, GM, 
KE, LS, MW, MZ, SD, SL, SZ, TZ, UG, ZW), Eurasian 
patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), European 
patent (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, 
IT, LU, MC, NL, PT, SE), OAPI patent (BF, BJ, CF, CG, 
CI, CM, GA, GN, GW, ML, MR, NE, SN, TD, TG). 



(72) Inventors: PERSSON, Joakim; Iliongranden 147, S-224 
72 Lund (SE). SMEETS, Ben; Dalbackavagen 11, S-240 
10 Dalby (SE). 

(74) Agent: ERICSSON MOBILE COMMUNICATIONS 

AB; IPR Dept., S-221 83 Lund (SE). 



Published: 

— With international search report. 

For two-letter codes and other abbreviations, refer to the "Guid- 
ance Notes on Codes and Abbreviations" appearing at the begin- 
ning of each regular issue of the PCT Gazette. 



=j (54) Title: MODULATED MESSAGE AUTHENTICATION SYSTEM AND METHOD 



00 



o 



10 



Tronsmltling Node 
50 



K 


Pseudo-Noise 
Generator 




52 — j LFSR 







55 



XiOO] 
Mop 



Xi(K) S 

L 



[Keyed Voluel 



58 



40— 



45— 



LFSR 



48— 



CRC 
Compute 



36a-{CRC 



(57) Abstract: A telecommunications system and 
method is disclosed for implementing a message 
authentication code (MAC) for transmitted digital 
information signals. Digital information signals 
typically include an error detecting code, such as 
a Cyclic Redundancy Check (CRC) code (36a), to 
ensure reliable delivery of the information. In order 
to verify the identity of the sending node (10), the 
CRC code (36a) can be modulated by a sequence 
known only to the participating nodes. Thus, 
the CRC code (36a) not only provides an error 
detecting function, but also serves as a message 
authentication code. 
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MODULATED MESSAGE AUTHENTICATION SYSTEM AND METHOD 

BACKGROUND OF THE PRESENT INVENTION 

This application claims the priority under 35 
U.S.C. 119(e)(1) of co-pending U.S. Provisional 
Application No. 60/141,178, filed on June 25, 1999. 

Field of the Invention 

The present invention relates generally to 
telecommunications systems and methods for verifying 
the authenticity of a received message, and 
specifically to providing a method to verify the 
identity of the transmitting node. 

Background an d Objects of the Present Invention 

A telecommunications network is formed, at a 
minimum, by a transmitter and a receiver interconnected 
by a communications channel. The transmitter forms at 
least a portion of a transmitting node, and the 
receiver forms at least a portion of a receiving node. 
Information to be communicated by the transmitter to 
the receiver is modulated to form communications 
signals that are transmitted upon the communications 
channel to the receiving node. Thereafter, the 
information contained within the communications signals 
is recovered by the receiving node. 

In a radio telecommunications network, the 
communications channel is formed of a radio channel 
defined upon a portion of the electromagnetic spectrum. 
However, radio channels are inherently public in 
nature. Therefore, a communications signal transmitted 
upon a radio channel can be detected by any receiving 
node tuned to that radio channel. Thus, an 
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unauthorized party may be able to intercept the 
transmitted communications signal. Analogous security 
problems are also of concern in wireline 
telecommunications networks in the event that an 
5 unauthorized party gains access to the wireline 

communications channel . 

Therefore, to ensure user protection and 
information secrecy, many telecommunications networks 
are now providing security measures to the users. For 

10 example, many networks require all nodes participating 

in- a communication to provide an authentication key at 
the time of call setup. In addition, once the 
identities of the participating nodes have been 
verified, the authentication keys can be used to derive 

15 an encryption key that allows the nodes to encrypt the 

information transmitted therebetween. However, if 
after authentication,- encryption is not switched on, 
one of the participating nodes could later be replaced 
by an unauthorized party without the other node(s) 

20 realizing that this has occurred. This has become an 

especially serious problem in certain countries where 
only weak ciphering or no ciphering at all is 
permitted. 

Therefore, another security measure implemented by 
25 some telecommunications networks to ensure information 

secrecy is the inclusion of a message authentication 
code (MAC) along with the transmitted information. In 
a digital telecommunications network, where digital 
information signals are formed of sequences of bits, 
30 one conventional method of introducing a MAC is to add 

additional bits to the digital information signal. 
Exactly what bits to add depends upon the signal itself 
and a secret key known only to the involved nodes. For 
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example, the extra bits might be computed through a 
hash function. However, adding bits to the digital 
information signal increases the complexity of the 
transmitted communications signal, which undesirably 
increases the consumption of valuable network 
resources. 

It is, therefore, an object of the present 
invention to provide a message authentication code to 
verify the identity of the transmitting node for each 
transmitted digital information signal. 

It is a further object of the present invention to 
implement a message authentication procedure without 
adding to the complexity of the transmitted 
information . 

SUMMARY OF THE INVENTION 

The present invention is directed to 
telecommunications systems and methods for implementing 
a message authentication code (MAC) for transmitted 
digital information signals . Digital information 
signals typically include an. error detecting code, such 
as a Cyclic Redundancy Check (CRC) code, to ensure 
reliable delivery of the information. In order to 
verify the identity of the transmitting node, the CRC 
code can be modulated by a sequence known only to the 
participating nodes. Thus, the CRC code not only 
provides an error detecting function, but also serves 
as a message authentication code. This modified CRC 
code is generated by both the transmitting node and the 
receiving node initializing a' Linear Feedback Shift 
Register (LFSR) state to a value generated for the 
current information signal corresponding to a common 
key known only to the participating nodes. Thereafter, 



WO 01/01628 



PCT/EPOO/05297 



the LFSR is clocked for each new digital information 
signal. The receiving node further defines a sliding 
window in which the number of failed CRC checks is 
counted. If the number of failed CRC checks in the 
5 sliding window surpasses a predefined threshold, an 

alarm at the receiving node is activated indicating 
that the transmitting node may be an unauthorized 
party. Thereafter, the receiving node can initiate a 
new authentication request to the transmitting node. 

10 BRIEF DESCRIPTION OF THE DRAWINGS 

The disclosed invention will be described with 
reference to the accompanying drawings, which show 
important sample embodiments of the invention and which 
are incorporated in the specification hereof by 
15 reference, wherein: 

FIGURE 1 illustrates the transmission of a payload 
including an error detection code from a transmitting 
node to a receiving node; 

FIGURES 2A and 2B illustrate the generation of 
20 linear recurring sequences for use in calculating the 

error detection code included in the payload shown in 
FIGURE 1 of the drawings; 

FIGURE 3 illustrates the generation of a modulated 
error detection code for message authentication in 
25 accordance with preferred embodiments of the present 

invention; 

FIGURE 4 illustrates a message authentication 
procedure using the modulated error detection code 
shown in FIGURE 3 of the drawings; and 
30 FIGURE 5 illustrates the steps for the message 

authentication procedure shown in FIGURE 4 of the 
drawings . 
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DETAILED DESCRIPTION OF THE PRESENTLY PREFERRED 
EXEMPLARY EMBODIMENTS 

The numerous innovative teachings of the present 
application will be described with particular reference 
to the presently preferred exemplary embodiments. 
However, it should be understood that this class of 
embodiments provides only a few examples of the many 
advantageous uses of the innovative teachings herein. 
In general, statements made in the specification of the 
present application do not necessarily delimit any of 
the various claimed inventions. Moreover, some 
statements may apply to some inventive features but not 
to others. 

With reference now to FIGURE 1 of the drawings, 
digital communications signals, hereinafter referred to 
as payloads 30, can be sent over a communications 
channel 15 from a transmitting node 10 to a receiving 
node 20. This communications channel 15 can be a 
wireline channel or a wireless channel. Each payload 
30 typically consists of a payload header 32 
specifying, for example, the communications channel 
used, a payload body 34 containing information, e.g. , 
voice or data, to be transmitted from the transmitting 
node 10 to the receiving node 20, and an error 
detecting code 36a. 

These error detecting codes 36a ensure the 
reliable transmission of the information 34 included in 
the corresponding payloads 30. For example, one type 
of error detecting code 36a is a Cyclic Redundancy 
Check (CRC) code. The CRC code 36a is typically 
generated in a circuit 40 consisting of a Linear 
Feedback Shift Register (LFSR) 45 and CRC computation 
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logic 48. Before computing the CRC code 3 6a of the 
current payload 30, the LFSR 45 is initialized to a 
known state consisting of, for example, a certain 
number of bits of the address of the transmitting node 
5 10. Thereafter, the LFSR 45 produces feedback elements 

used by the CRC calculation logic 48 to calculate the 
CRC code 36a. This CRC code 3 6a is appended to the 
payload body 34 and transmitted to the receiving node 
20. 

10 Upon receiving the payload 30, the receiving node 

20 performs the same calculation as the transmitting 
node 10. For example, for each received payload 30, 
the receiving node 10 initializes the LFSR 45 to the 
same state as the transmitting node 10 did, and 

15 corresponding CRC calculation logic 48 calculates the 

CRC code 36b for that received payload 30 using the 
feedback elements generated by the LFSR 45 within- the 
receiving node 20. If the CRC code 36b calculated by 
the receiving node 20 is the same as the CRC code 36a 

20 accompanying the payload 30, the payload 30 is accepted 

as correctly received. 

An example of the generation of feedback elements 
70 by the LFSR 45 for use in calculating the CRC codes 
36 is shown in FIGURE 2A of the drawings. The LFSR 45 

25 consists of cascaded memory boxes 60a and 60b and a 

feedback network, such that the contents of each memory 
box 60a and 60b are first multiplied by a feedback 
coefficient 65a and 65b, respectively, and then summed 
by an adder 68 to produce the feedback elements 70 used 

30 by the CRC calculation logic 48 to calculate the CRC 

code 36. The number of memory boxes 60a and 60b in the 
LFSR 45 is referred to as the length of the LFSR 45. 
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In addition, the contents of the memory boxes 60a and 
60b form the state of the LFSR 45. 

If the LFSR 45 has a length of two, the initial 
state of each of the memory boxes 60a and 60b are both 
one, and the feedback coefficients 65a and 65b, 
respectively, are both one, a linear recurring sequence 
similar to the one shown in FIGURE 2B is formed at the 
output- This is accomplished by multiplying the 
contents of the second memory box 60a, which is one, by 
the first feedback coefficient 65a, which is one, to 
produce a first number, which is one, and transmitting 
the contents of the second memory box 60a, which is 
one, to the first memory box 60b. At the same time, 
the initial contents of the first memory box 60b, which 
is one, are output and multiplied by the second 
feedback coefficient 65b, which is one, to produce a 
second number. Thereafter, the first and second 
numbers are added together by the adder 68 (1 + 1=2) , and 
this sum is loaded into the second memory box 60a. 
This process repeats resulting in the linear recurring 
sequence shown in FIGURE 2B. This linear recurring 
sequence is used by the CRC computation logic 48 to 
calculate the CRC code 36 shown in FIGURE 1 of the 
drawings . 

The generation of the CRC code 36 can be described 
by the following mathematical equations. For example, 
if the information (of the i-th payload 30) to be 
transmitted from the transmitting node 10 to the 
receiving node 20^ is represented by the (binary) 
polynomial U(D) = £ UD i t the CRC bits 36 to be added 
to the payload 30 can similarly ^be^ represented by 
another polynomial, such as, W(D) = £ WD*. W (D) can 
be computed from U(D) and the generator polynomial 
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g(B) = ^2 gD* by, for example, performing the following 
computation: 

W(D) = (D n ' k U(D)) mod g(d) (Equation 1) 



Thus, the final transmitted payload 30 containing both 
the information 34 and the CRC bits 36, hereinafter 
referred to as a codeword, is the concatenation of the 
bits forming U(D) and W (D) . If this codeword is 
represented by the polynomial V(D) = £ Vp l , V(D) can 
be defined as: 

V(D) = D N k U(D) + W(D) (Equation 2) 



The computation of the codeword (as polynomial V (D) ) 
can easily be realized by a circuit 40 consisting of an 
LFSR 45 with feedback polynomial g(D), of the type 
shown in FIGURES 1 and 2A of the drawings. 

With reference now to FIGURE 3 of the drawings, in 
accordance with preferred embodiments of the present 
invention, in order to provide a message authentication 
code {MAC) to verify the identity of the transmitting 
node 10 for each transmitted payload 30 without adding 
to the complexity of the transmitted information 34, 
the CRC code 3 6a can be modulated by a sequence known 
only to the parties sharing a common key, termed K. 
This modified CRC code 36a becomes the MAC. 

The modified CRC code 36a can be obtained by both 
the transmitting node 10 and the receiving node 20 
modifying the initial LFSR 4 5 state not to a 
conventional value, termed 5, but rather to a keyed 
value 58. Thus, instead of setting the initial state 
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of the LFSR 45 for each payload 30 to the initial value 
5, the initial value of the LFSR 45 can be changed 
(modulated) for each payload 30 to be transmitted. For 
example, the initial state J x for the i-th payload can 
be set to the following keyed value 58: 

J t = S 9 X f (K) (Equation 3) 

where X, (K) is a value depending on the payload index 
i and a key K that the transmitting node 10 and 
receiving node 20 secretly exchanged prior to 
communication of the payloads 30, and e denotes a bit- 
wise XOR operation, in which S is modulo-2 added to 
X,(K). Clearly, the sequences {X d (K)} generated for 
disparate K should differ. 

As shown in FIGURE 3, x i( K) is generated by using 
a keyed Pseudo-Noise generator (PN-generator) 50 to 
produce symbols Thereafter, mapping logic 55 maps 

the symbols R s of the keyed PN-generator 50 to the X, (K) 
symbols. The PN-generator 50 can, for example, be an 
additional LFSR 52 with an appropriate feedback 
polynomial, m addition, the key K can be the initial 
state of this additional LFSR 52 or can be the initial 
state plus a description of the feedback polynomial. 

In principle, X d (K) can be a rather simple 
function. For instance, X i( K) may alter randomly 
between all-zeros and all-ones with a probability of H. 
This is easily achieved by initiating the additional 
LFSR state 52 with K and clocking the additional LFSR 
52 for each new payload 30. For example, assuming a 
binary PN-generator 50, the mapping logic 55 maps ' R, = 
0 to X i( K) = 00... 0 and i?j = I to X s (K) = 11. . . l. This 
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implies that an adversary has a probability of H to 
guess correctly what value to use for each payload 30. 
To reduce the probability, X ± (K) can be modulated 
instead to take any of N equiprobable values, such that 
5 an adversary would only succeed with probability 1/N 

per payload. No matter how many values X,(K) can take, 
.the mapping logic 55 should map the symbols R< of the 
PN-generator 50 to the possible modulating symbols 
X L (K) such that, on the average, all possible 

10 modulating symbols X S (K) occur equally often. 

Preferably, the mapping logic 55 allows a simple 
adoption between the PN-generator 50 symbol R< alphabet 
and the alphabet of X S (K) symbols. Thus, the mapping 
logic 55 can map the symbols R± to the symbols X x (K) 

15 either through a simple table-lookup circuit or through 

a direct digital circuit realizing the corresponding 
Boolean function. It should be noted that in some 
cases, the two alphabets may coincide, and therefore, 
the mapping logic 55 can effectively be removed. 

20 With reference now to FIGURE 4 of the drawings, 

which will be described in connection with the steps 
listed in FIGURE 5 of the drawings, a message 
authentication procedure can be implemented using the 
modulated CRC code 36. Once the transmitting node 10 

25 computes the modulated CRC .code 3 6a for the current 

payload 30 (step 500), the transmitting node 10 appends 
this modulated CRC code 36a to the payload 30 (step 
505) and sends this payload 30, including the data 34 
to be transmitted, and the modulated CRC code 36a to 

30 the receiving node 20 (step 510) . At the receiving 

node 20, the receiving node 20 repeats the process 
performed at the transmitting node 10, and calculates 



10 



10 



15 



20 



25 



30 



WO 01/01628 PCT/EP00/05297 

the CRC code 36b for the received payload 30 (step 
515) . If the calculated CRC code 36b does not match 
the received CRC code 3 6a (step 520), the CRC check 
fails (step 525), and the payload 30 is not considered 
correctly received (step 530). If the calculated CRC 
.code 36b does match the received CRC code 36a, the CRC 
check does not fail (step 535), and the payload 30 is 
considered correctly received (step 540) . 

In either case (step 530 or step 540), the current 
received payload 30 and an indication 38 of whether or 
not the CRC check failed is loaded into a sliding 
window 80 in the receiving node 20 (step 545) . At the 
same time, the "oldest" payload 30 is discarded from 
the sliding window 80 (step 550) . Thereafter, 
computation logic 85 within the receiving node 20 
computes the number of failed CRC checks in the sliding 
window 80 . (step 555). The computation logic 85 can 
count the number of failed CRC checks in the sliding 
window 8 0 over all the payloads 30 each time a new 
payload 30 is added and an old payload 30 is removed. 
Alternatively, and preferably, the computation logic 85 
can remove the contribution to the computation of the 
discarded payload 30 and add the contribution of the 
new payload 30 to the computation. 

If the number of failed CRC checks in the sliding 
window 80 surpasses a predefined threshold 88 (step 
560), an alarm 90 within the receiving node 20 is 
activated (step 565) . if not (step 560), the receiving 
node 2 0 continues to accept new payloads 30 from the 
transmitting node 10 (step 515) . If the alarm 90 in 
the receiving node 20 is activated (step 565), the 
receiving node 20 initiates a new authentication 
request to the transmitting node 10 to ensure that the 
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transmitting node 10 has not been replaced by an 
adversary (step 570) . In general, the number of 
possible values for X s (K) , the setting of the threshold 
88, and the sliding window 80 size determine the 
security level against the attacks by an adversary. 

In an alternative embodiment, instead of 
modulating the CRC error detecting code 36, an error 
correcting code capable of correcting transmission 
errors can be modulated with the key K. By appropriate 
choice of g (D) , the error-correcting code can be 
obtained. One example of a common error correcting 
code is a burst error-correcting Fire code. 

As will be recognized by those skilled in the art, 
the innovative concepts described in the present 
application can be modified and varied over a wide 
range of applications. Accordingly, the scope of 
patented subject matter should not be limited to any of 
the specific exemplary teachings discussed, but is 
instead defined by the following claims. 
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WHAT IS CLAIMED IS: 

1. A telecommunications system for providing 
authentication with each transmitted payload to verify 
the source of each transmitted payload, comprising: 

a transmitting node for calculating a first error 
code for a select one of a plurality of payloads, said 
first error code being modulated using a key, said 
transmitting node appending said modulated first error 
code to said select payload and transmitting said 
modulated first error code and said select payload; and 

a receiving node for receiving said modulated 
first error code and said select payload and 
calculating a second error code for said select 
received payload, said second error code being 
modulated using said key, said receiving node further 
comparing said first and second error codes to verify 
the identity of said transmitting node; 

wherein said key is known only to said 
transmitting node and said receiving node. 

2. The telecommunications system of Claim 1, 
wherein said payload comprises information to be 
transmitted. 

3. The telecommunications system of Claim 2, 
wherein said transmitting node further comprises: 

a first linear feedback shift register for 
generating at least one feedback element; and 

means for computing said modulated first error 
code using said at least one feedback element and said 
information within said payload. 
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4. The telecommunications system of Claim 3, 
wherein an initial state of said first linear feedback 
shift register is set to a keyed value, said keyed 
value being derived from said key. 

5 5. The telecommunications system of Claim 4, 

wherein said transmitting node further comprises: 

a first pseudo-noise generator for generating at 
least one symbol; and 

means for mapping said at least one symbol to a 
10 keyed symbol. 

6. The telecommunications system of Claim 5, 
wherein said keyed value comprises the modulo-2 sum of 
said keyed symbol and a conventional value. 

7. The telecommunications system of Claim 5, 
15 wherein said first pseudo-noise generator comprises a 

second linear feedback shift register. 

8. The telecommunications system of Claim 7, 
wherein an initial state of said second linear feedback 
shift register is set to said key. 

20 9. The telecommunications system of Claim 7, 

wherein said key comprises an initial state of said 
second linear feedback shift register and a feedback 
polynomial associated with said second linear feedback 
shift register. 
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10. The telecommunications system of Claim 9, 
wherein said receiving node further comprises: 

a third linear feedback shift register for 
generating at least one additional feedback element; 
and 

means for computing said modulated second error 
code using said at least one additional feedback 
element and said information within said select 
received payload. 

11. The telecommunications system of Claim 10, 
wherein an initial state of said third linear feedback 
shift register is set to an additional keyed value 
derived from said key. 

12. The telecommunications system of Claim 11, 
15 wherein said receiving node further comprises: 

a second pseudo-noise generator for generating at 
least one additional symbol; and 

means for mapping said at least one additional 
symbol to an additional keyed symbol. 



10 



20 



13. The telecommunications system of Claim 12, 
wherein said additional keyed value comprises the 
modulo-2 sum of said additional keyed symbol and a 
conventional value. 



14. The telecommunications system of Claim 12, 
25 wherein said second pseudo-noise generator comprises a 

fourth linear feedback shift register. 
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15. The telecommunications system of Claim 14, 
wherein an initial state of said fourth linear feedback 
shift register is set to said key. 

16. The telecommunications system of Claim 14, 
5 wherein said key comprises an initial state of said 

fourth linear feedback shift register and a feedback 
polynomial associated with said fourth linear feedback 
shift register. 

17. The telecommunications system of Claim 1, 
10 wherein said receiving node further comprises: 

a sliding window for storing a certain number of 
said plurality of received payloads and an indication 
for each of said certain number of said plurality of 
received payloads of whether said respective modulated 
15 first and second error codes match. 

18. The telecommunications system of Claim 17, 
wherein said receiving node further comprises: 

means for computing an indication number 
associated with the number of said indications within 
20 said sliding window that indicate that said associated 

modulated first and .second error codes do not match. 

19. The telecommunications system of Claim 18, 
wherein said receiving node further comprises: 

a threshold value; and 
25 an alarm, said alarm being activated when said 

indication number exceeds said threshold value. 
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20. The telecominunications system of Claim 19, 
wherein said receiving node initiates a new 
authentication request to said transmitting node when 
said alarm is activated. 

21. The telecommunications system of Claim 1, 
wherein said error code is a Cyclic Redundancy Check 
code. 

22. The telecommunications system of Claim 1 , 
wherein said error code is an error correcting code. 

23. A method for providing a message 
authentication code for each of a plurality of payloads 
transmitted from a transmitting node to a receiving 
node, comprising the steps of: 

generating a keyed value for a select one of said 
plurality of payloads, said keyed value being derived 
from a key known only to said transmitting node and 
said receiving node; 

generating an error code modulated using said 
keyed value; and 

transmitting said select payload and said 
modulated error code to said receiving node. 
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24 . The method of Claim 23, wherein said step of 
generating said modulated error code further comprises 
the steps of: 

generating, by a first linear feedback shift 
5 register within said transmitting node, at least one 

feedback element; and 

computing said modulated error code using said at 
least one feedback element and information within said 
select payload.. 

10 25. The method of Claim 24, wherein said step of 

generating said modulated error code further comprises 
the step of: 

initializing said first linear feedback shift 
register to said keyed value. 

15 26. The method of Claim 25, wherein said step of 

generating said keyed value further comprises the steps 
of: 

generating, by a second linear feedback shift 
register within said transmitting node, at least one 
20 symbol; and 

mapping said at least one symbol to a keyed 
symbol, said keyed value comprising the modulo-2 sum of 
said keyed symbol and a conventional value. 

27. The method of Claim 26, wherein said step of 
25 generating said keyed value further comprises the step 

of: 

initializing said second linear feedback shift 
register to said key. 
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28. A method for verifying the source of a 
plurality of payloads received at a receiving node, 
comprising the steps of: 

receiving, at said receiving node, a select one of 
said plurality of payloads and a first modulated error 
code associated with said select payload from a 
transmitting node; 

generating a keyed value for said select received 
payload, said keyed value being derived from a key 
known only to said transmitting node and said receiving 
node; 

generating a second error code modulated using 
said keyed value; and 

comparing said modulated first and second error 
codes to verify the identity of said transmitting node. 

29. The method of Claim 28, wherein said step of 
generating said modulated second error code further 
comprises the steps of: 

generating, by a first linear feedback shift 
register within said receiving node, at least one 
feedback element; and 

computing said modulated second error code using 
said at least one feedback element and information 
within said select received payload. 

30. The method of Claim 29, wherein said step of 
generating said modulated second error code further 
comprises the step- of: 

initializing said first linear feedback shift 
register to said keyed value derived from said key. 
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31. The method of Claim 30, wherein said step of 
generating said keyed value further comprises the step 
of: 

generating, by a second linear feedback shift 
5 register within said receiving node, at least one 

symbol; and 

mapping said at least one symbol to a keyed 
symbol, said keyed value comprising the modulo-2 sum of 
said keyed symbol and a conventional value. 



10 .32. The method of Claim 31, wherein said step of 

generating said keyed value further comprises the step 
of: 

initializing said second linear feedback shift 
register to said key. 

15 33. The method of Claim 28, wherein said step of 

comparing further comprises the step of: 

storing within a sliding window within said 
receiving node a certain number of said plurality of 
received payloads and an indication for each of said 

20 certain number of said plurality of received payloads 

of whether said respective modulated first and second 
error codes match. 

34. The method of Claim 33, wherein said step of 
comparing further comprises the step of: 
25 computing an indication number associated with the 

number of said indications within said sliding window 
that indicate that said associated modulated first and 
second error codes do not match. 
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